Protected containers: Allow nil value for fields `minimum_access_level`
What does this MR do and why?
- Allows
nil
value for attributesminimum_access_level_for_delete
andminimum_access_level_for_push
. - Why? At the moment it is only possible to create container protection rules where both attributes have to be set. But, there are certainly situtation where the project team wants to protect a certain container repository from being deleted, but not from being pushed. With this MR, it will be possible to define such a container protection rule.
- Adding validation that ensures that at least one of the fields is present
- Adjusting grapqhl field types
- This MR needs to wait for Protected containers: Rename attributes to mini... (!139413 - merged)
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
MR Checklist (@gerardo-navarro)
-
Changelog entry added, if necessary -
Documentation created/updated via this MR -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Tested in all supported browsers -
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the javascript style guides -
Conforms to the database guides -
Wait for Protected containers: Rename attributes to mini... (!139413 - merged) -
Ensure that rollback of migration works; this does not work at the moment
Screenshots or screen recordings
This MR mostly includes backend -related changes.
In the frontend, the project setting UX needs to consider that one of the related attributes minimumAccessLevelForPush
and minimumAccessLevelForDelete
can be blank.
The following screenshot shows the list of container protection rules that displays a meaningful label when the attribute is blank.
The following screenshot shows the alert error message that appears when container protection rule is created with both attributes (minimumAccessLevelForPush
and minimumAccessLevelForDelete
) being blank.
How to set up and validate locally
- Migrate the database
rails db:migrate
- Create container protection rules
ContainerRegistry::Protection::Rule.create(
project: Project.find(7),
repository_path_pattern: "flightjs/flight-minimum-access-level-for-delete-blank",
minimum_access_level_for_push: :maintainer,
minimum_access_level_for_delete: nil
)
ContainerRegistry::Protection::Rule.create(
project: Project.find(7),
repository_path_pattern: "flightjs/flight-minimum-access-level-for-push-blank",
minimum_access_level_for_push: nil,
minimum_access_level_for_delete: :owner
)
- Go to project settings page: http://gdk.test:3000/flightjs/Flight/-/settings/packages_and_registries
- Scroll down to the section
Protected containers
and asses the table
Related to #427546